github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-10 07:58:15 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
689a20dca247b3e1bc9cf989b1b5afff0b054a77
infisical/docs/documentation/getting-started/docker.mdx
Tuan Dang 689a20dca2 Begin adding guides to docs
2023-04-30 14:54:54 +03:00

185 lines
5.8 KiB
Plaintext
Raw Blame History

---
title: "Docker"
---
The [Infisical CLI](/cli/overview) can be added to Dockerfiles to fetch secrets from Infisical and make them available as environment variables within containers at runtime.
Prerequisites:
- Have a project with secrets ready in [Infisical Cloud](https://app.infisical.com).
- Create an [Infisical Token](/getting-started/dashboard/token) scoped to an environment in your project in Infisical.
<Tabs>
<Tab title="Docker">
## Dockerfile Modification
Follow the instruction for your specific Linux distrubtion to add the Infisical CLI to your Dockerfile.
<Tabs>
<Tab title="Alpine">
```dockerfile
RUN apk add --no-cache bash curl && curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.alpine.sh' | bash \
&& apk add infisical
```
</Tab>
<Tab title="RedHat/CentOs/Amazon-linux">
```dockerfile
RUN curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.rpm.sh' | sh \
&& yum install -y infisical
```
</Tab>
<Tab title="Debian/Ubuntu">
```dockerfile
RUN apt-get update && apt-get install -y bash curl && curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' | bash \
&& apt-get update && apt-get install -y infisical
```
</Tab>
</Tabs>
Next, modify the start command of your Dockerfile:
```dockerfile
CMD ["infisical", "run", "--", "[your service start command]"]
```
## Launch
Spin up your container with the `docker run` command and feed in your Infisical Token.
```console
docker run --env INFISICAL_TOKEN=<your_infisical_token> <DOCKER-IMAGE>
```
Your containerized application should now be up and running with secrets from Infisical exposed as environment variables within your application's process.
## Example Dockerfile
```dockerfile
# Select your base image (based on your Linux distribution, e.g., Alpine, Debian, Ubuntu, etc.)
FROM alpine
# Add the Infisical CLI to your Dockerfile (choose the appropriate block based on your base image)
RUN apk add --no-cache bash curl && curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.alpine.sh' | bash \
&& apk add infisical
# Install any additional dependencies or packages your service requires
# RUN <additional commands for your service>
# Copy your service files to the container
COPY . /app
# Set the working directory
WORKDIR /app
# Modify the start command of your Dockerfile
CMD ["infisical", "run", "--", "npm run start"]
```
</Tab>
<Tab title="Docker Compose">
## Dockerfile Modifications
Follow the instruction for your specific Linux distributions to add the Infisical CLI to your Dockerfiles.
<Tabs>
<Tab title="Alpine">
```dockerfile
RUN apk add --no-cache bash curl && curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.alpine.sh' | bash \
&& apk add infisical
```
</Tab>
<Tab title="RedHat/CentOs/Amazon-linux">
```dockerfile
RUN curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.rpm.sh' | sh \
&& yum install -y infisical
```
</Tab>
<Tab title="Debian/Ubuntu">
```dockerfile
RUN apt-get update && apt-get install -y bash curl && curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' | bash \
&& apt-get update && apt-get install -y infisical
```
</Tab>
</Tabs>
Next, modify the start commands of your Dockerfiles:
```dockerfile
CMD ["infisical", "run", "--", "[your service start command]"]
```
## Example Dockerfile
```dockerfile
# Select your base image (based on your Linux distribution, e.g., Alpine, Debian, Ubuntu, etc.)
FROM alpine
# Add the Infisical CLI to your Dockerfile (choose the appropriate block based on your base image)
RUN apk add --no-cache bash curl && curl -1sLf \
'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.alpine.sh' | bash \
&& apk add infisical
# Install any additional dependencies or packages your service requires
# RUN <additional commands for your service>
# Copy your service files to the container
COPY . /app
# Set the working directory
WORKDIR /app
# Modify the start command of your Dockerfile
CMD ["infisical", "run", "--", "[your service start command]"]
```
## Docker Compose File Modification
For each service you want to inject secrets into, set an environment variable called `INFISICAL_TOKEN` equal to a unique identifier variable. For example:
```yaml
services:
api:
build: .
image: example-service-2
environment:
- INFISICAL_TOKEN=${INFISICAL_TOKEN_FOR_API}
...
```
## Export shell variables
Next, set the shell variables you defined in your compose file. Continuing from the previous example:
```console
export INFISICAL_TOKEN_FOR_API=<your_infisical_token>
```
## Launch
Spin up your containers with the `docker-compose up` command.
```console
docker-compose up
```
Your containers should now be running with the secrets from Infisical available inside as environment variables.
</Tab>
</Tabs>
Resources:
- [Documentation for Docker](/integrations/platforms/docker)
- [Documentation for Docker Compose](/integrations/platforms/docker-compose)
Reference in New Issue View Git Blame Copy Permalink